From 6297ad954e7374c2077243136821bbcf62145a2c Mon Sep 17 00:00:00 2001
From: Sven Ketelsen
Date: Wed, 6 Apr 2022 10:08:52 +0200
Subject: [PATCH] feat: removed admin ips from firewalls
---
group_vars/all/firewall.yml | 15 +++++++--------
1 file changed, 7 insertions(+), 8 deletions(-)
diff --git a/group_vars/all/firewall.yml b/group_vars/all/firewall.yml
index 008e32d..b3cd629 100644
--- a/group_vars/all/firewall.yml
+++ b/group_vars/all/firewall.yml
@@ -8,28 +8,28 @@ hcloud_firewall_objects:
direction: in protocol: icmp port: ''
- source_ips: '{{ ip_whitelist + ip_whitelist_admins }}'
+ source_ips: '{{ ip_whitelist }}'
destination_ips: [] description: ICMP allowed - direction: in protocol: tcp port: '22'
- source_ips: '{{ ip_whitelist + ip_whitelist_admins }}'
+ source_ips: '{{ ip_whitelist }}'
destination_ips: [] description: SSH allowed - direction: in protocol: tcp port: '80'
- source_ips: '{{ ip_whitelist + ip_whitelist_admins }}'
+ source_ips: '{{ ip_whitelist }}'
destination_ips: [] description: HTTP allowed - direction: in protocol: tcp port: '443'
- source_ips: '{{ ip_whitelist + ip_whitelist_admins }}'
+ source_ips: '{{ ip_whitelist }}'
destination_ips: [] description: HTTPS allowed -
@@ -59,21 +59,21 @@ hcloud_firewall_objects:
direction: in protocol: tcp port: '9080-9085'
- source_ips: '{{ ip_whitelist + ip_whitelist_admins }}'
+ source_ips: '{{ ip_whitelist }}'
destination_ips: [] description: 'Server/Service Monitoring' - direction: in protocol: tcp port: '9001'
- source_ips: '{{ ip_whitelist + ip_whitelist_admins }}'
+ source_ips: '{{ ip_whitelist }}'
destination_ips: [] description: 'PgAdmin' - direction: in protocol: tcp port: '9187'
- source_ips: '{{ ip_whitelist + ip_whitelist_admins }}'
+ source_ips: '{{ ip_whitelist }}'
destination_ips: [] description: 'Postgres-Exporter' apply_to:
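Review bot: In the first hunk (`@@ -8,28`), the port '22' rule is now reachable only from `ip_whitelist`, and nothing in the visible lines shows that the addresses formerly supplied by `ip_whitelist_admins` are admitted another way, so applying this may cut off operator SSH access. The same holds for the three rules in the `@@ -59,21` hunk. The definition of `ip_whitelist` is outside the diff, so it should be confirmed as defined and non-empty for every stage before rollout; how an empty `source_ips` list is treated by the firewall role is also not visible here. I would add a comment above the SSH rule, for example `# admin ranges are intentionally not merged in; SSH is limited to ip_whitelist`, so the removal is not later read as an oversight.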
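Review bot: In the `@@ -59,21` hunk, the 'PgAdmin' (9001) and 'Postgres-Exporter' (9187) rules end up with exactly the same `source_ips` as the HTTP and HTTPS rules in the first hunk, so every address allowed to reach the web ports can also reach the database admin UI and the metrics endpoint. If `ip_whitelist` is meant for general service consumers, a narrower dedicated list would suit these two rules better, e.g. `source_ips: '{{ ip_whitelist_db_admin }}'`, where that variable name is one I am proposing and does not appear in the visible lines. The rule list continues past `apply_to:` outside the hunk, so whatever those rules are attached to cannot be checked from here.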
@@ -236,7 +236,6 @@ hcloud_firewall_objects_kibana: label_selector: selector: 'service=kibana' - hcloud_firewall_objects_management: - name: "{{ stage }}-access-to-management"